CVE-2021-41279, GHSA-4x2f-54wr-4hjg
packagist/baserproject/basercms
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
BaserCMS is an open source content management system with a focus on Japanese language support. Users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users.
All versions before 4.5.4
Upgrade to version 4.5.4 or above.
2021-12-01
source |